From 70d213efb38ec7810e9ee8aa0fd35e3c0a038213 Mon Sep 17 00:00:00 2001
From: Audrey Dutcher <audrey@rhelmot.io>
Date: Wed, 20 Dec 2017 18:34:33 -0800
Subject: [PATCH] Minor fixups for all examples; add testcases to check for
 example coverage and API doc coverage

---
 api-doc/source/angr.rst               |  75 +++++++++++++++-
 api-doc/source/archinfo.rst           |  16 ++++
 api-doc/source/claripy.rst            |   6 ++
 api-doc/source/cle.rst                |  24 ++++-
 api-doc/source/pyvex.rst              |  18 +++-
 docs/loading.md                       |   4 +-
 examples/simple_heap_overflow/exploit | Bin 316 -> 316 bytes
 examples/tumctf2016_zwiebel/solve.py  |   8 +-
 examples/unmapped_analysis/solve.py   |   2 +-
 test.py                               | 122 +++++++++++++++++---------
 10 files changed, 220 insertions(+), 55 deletions(-)

diff --git a/api-doc/source/angr.rst b/api-doc/source/angr.rst
index 74baca69..c1477dd0 100644
--- a/api-doc/source/angr.rst
+++ b/api-doc/source/angr.rst
@@ -1,25 +1,42 @@
 :mod:`angr` --- Analysis and Coordination
 =========================================
 
+.. automodule:: angr
 
 Project
 -------
 
 .. automodule:: angr.project
 .. automodule:: angr.factory
+.. automodule:: angr.block
 
 Program State
 -------------
 .. automodule:: angr.sim_state
 .. automodule:: angr.sim_options
 .. automodule:: angr.state_plugins
+.. automodule:: angr.state_plugins.plugin
 .. automodule:: angr.state_plugins.inspect
 .. automodule:: angr.state_plugins.libc
 .. automodule:: angr.state_plugins.posix
 .. automodule:: angr.state_plugins.solver
+.. automodule:: angr.state_plugins.log
+.. automodule:: angr.state_plugins.callstack
+.. automodule:: angr.state_plugins.fast_memory
+.. automodule:: angr.state_plugins.history
+.. automodule:: angr.state_plugins.gdb
+.. automodule:: angr.state_plugins.cgc
+.. automodule:: angr.state_plugins.trace_additions
+.. automodule:: angr.state_plugins.globals
+.. automodule:: angr.state_plugins.uc_manager
+.. automodule:: angr.state_plugins.scratch
+.. automodule:: angr.state_plugins.preconstrainer
+.. automodule:: angr.state_plugins.unicorn_engine
+
 
 Storage
 -------
+
 .. automodule:: angr.storage
 .. automodule:: angr.state_plugins.view
 .. automodule:: angr.storage.file
@@ -27,9 +44,26 @@ Storage
 .. automodule:: angr.state_plugins.symbolic_memory
 .. automodule:: angr.state_plugins.abstract_memory
 .. automodule:: angr.storage.memory_object
+.. automodule:: angr.storage.pcap
 .. automodule:: angr.storage.paged_memory
 .. automodule:: angr.concretization_strategies
 
+Concretization Strategies
+-------------------------
+
+.. automodule:: angr.concretization_strategies.single
+.. automodule:: angr.concretization_strategies.eval
+.. automodule:: angr.concretization_strategies.norepeats
+.. automodule:: angr.concretization_strategies.solutions
+.. automodule:: angr.concretization_strategies.nonzero_range
+.. automodule:: angr.concretization_strategies.range
+.. automodule:: angr.concretization_strategies.max
+.. automodule:: angr.concretization_strategies.norepeats_range
+.. automodule:: angr.concretization_strategies.nonzero
+.. automodule:: angr.concretization_strategies.any
+.. automodule:: angr.concretization_strategies.controlled_data
+
+
 Simulation Manager
 ------------------
 
@@ -86,6 +120,7 @@ Calling Conventions and Types
 .. automodule:: angr.sim_variable
 .. automodule:: angr.sim_type
 .. automodule:: angr.type_backend
+.. automodule:: angr.callable
 
 Knowledge Base
 --------------
@@ -104,6 +139,7 @@ Knowledge Base
 .. automodule:: angr.knowledge_plugins.variables
 .. automodule:: angr.knowledge_plugins.variables.variable_access
 .. automodule:: angr.knowledge_plugins.variables.variable_manager
+.. automodule:: angr.keyed_region
 
 
 Analysis
@@ -111,29 +147,64 @@ Analysis
 
 .. automodule:: angr.analyses
 .. automodule:: angr.analyses.analysis
+.. automodule:: angr.analyses.forward_analysis
 .. automodule:: angr.analyses.backward_slice
 .. automodule:: angr.analyses.bindiff
 .. automodule:: angr.analyses.boyscout
-.. automodule:: angr.analyses.cdg
+.. automodule:: angr.analyses.cfg
+.. automodule:: angr.analyses.cfg.cfg
 .. automodule:: angr.analyses.cfg.cfg_accurate
 .. automodule:: angr.analyses.cfg.cfg_base
 .. automodule:: angr.analyses.cfg.cfg_fast
 .. automodule:: angr.analyses.cfg.cfg_node
+.. automodule:: angr.analyses.cfg.cfg_arch_options
+.. automodule:: angr.analyses.cfg.cfg_job_base
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.x86_pe_iat
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.mips_elf_fast
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.x86_elf_pic_plt
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.default_resolvers
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.jumptable
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers.resolver
+.. automodule:: angr.analyses.cfg.indirect_jump_resolvers
+.. automodule:: angr.analyses.cfg.cfg_utils
+.. automodule:: angr.analyses.cdg
 .. automodule:: angr.analyses.code_location
 .. automodule:: angr.analyses.datagraph_meta
 .. automodule:: angr.analyses.ddg
 .. automodule:: angr.analyses.dfg
-.. automodule:: angr.analyses.forward_analysis
+.. automodule:: angr.analyses.variable_recovery.annotations
+.. automodule:: angr.analyses.variable_recovery.variable_recovery_fast
+.. automodule:: angr.analyses.variable_recovery.variable_recovery
+.. automodule:: angr.analyses.variable_recovery
 .. automodule:: angr.analyses.girlscout
+.. automodule:: angr.analyses.identifier.identify
 .. automodule:: angr.analyses.loopfinder
 .. automodule:: angr.analyses.veritesting
 .. automodule:: angr.analyses.vfg
 .. automodule:: angr.analyses.vsa_ddg
+.. automodule:: angr.analyses.disassembly
+.. automodule:: angr.analyses.disassembly_utils
+.. automodule:: angr.analyses.reassembler
+.. automodule:: angr.analyses.congruency_check
+.. automodule:: angr.analyses.static_hooker
+.. automodule:: angr.analyses.binary_optimizer
+.. automodule:: angr.analyses.callee_cleanup_finder
 .. automodule:: angr.blade
 .. automodule:: angr.slicer
 .. automodule:: angr.annocfg
+.. automodule:: angr.codenode
+
 
 SimOS
 -----
 
 .. automodule:: angr.simos
+.. automodule:: angr.simos.simos
+.. automodule:: angr.simos.linux
+.. automodule:: angr.simos.cgc
+.. automodule:: angr.simos.userland
+.. automodule:: angr.simos.windows
+
+Errors
+------
+.. automodule:: angr.errors
diff --git a/api-doc/source/archinfo.rst b/api-doc/source/archinfo.rst
index c0f5b70f..a4b58ed0 100644
--- a/api-doc/source/archinfo.rst
+++ b/api-doc/source/archinfo.rst
@@ -2,6 +2,10 @@
 ===============================================
 
 .. automodule:: archinfo
+
+Architectures
+-------------
+
 .. automodule:: archinfo.arch
 .. automodule:: archinfo.arch_aarch64
 .. automodule:: archinfo.arch_amd64
@@ -11,3 +15,15 @@
 .. automodule:: archinfo.arch_ppc32
 .. automodule:: archinfo.arch_ppc64
 .. automodule:: archinfo.arch_x86
+.. automodule:: archinfo.arch_avr
+
+Utilities
+---------
+
+.. automodule:: archinfo.tls
+.. automodule:: archinfo.defines
+
+Errors
+------
+
+.. automodule:: archinfo.archerror
diff --git a/api-doc/source/claripy.rst b/api-doc/source/claripy.rst
index a179c3cf..1bf75bd3 100644
--- a/api-doc/source/claripy.rst
+++ b/api-doc/source/claripy.rst
@@ -46,6 +46,11 @@ Backends
 .. automodule:: claripy.backend_object
 .. automodule:: claripy.backends.backend_concrete
 .. automodule:: claripy.backends.backend_z3
+.. automodule:: claripy.backends.backend_z3_parallel
+.. automodule:: claripy.backends.celeryconfig
+.. automodule:: claripy.backends.remotetasks
+.. automodule:: claripy.backends.backend_vsa
+.. automodule:: claripy.backends.backendremote
  
 
 Frontends
@@ -59,6 +64,7 @@ Frontends
 .. automodule:: claripy.frontends.hybrid_frontend
 .. automodule:: claripy.frontends.light_frontend
 .. automodule:: claripy.frontends.replacement_frontend
+.. automodule:: claripy.solvers
 
 
 Frontend Mixins
diff --git a/api-doc/source/cle.rst b/api-doc/source/cle.rst
index eff49f78..ef279d69 100644
--- a/api-doc/source/cle.rst
+++ b/api-doc/source/cle.rst
@@ -17,24 +17,29 @@ Backends
 .. automodule:: cle.backends.externs
 .. automodule:: cle.backends.symbol
 .. automodule:: cle.backends.regions
+.. automodule:: cle.backends.region
+.. automodule:: cle.backends.elf
 .. automodule:: cle.backends.elf.elf
 .. automodule:: cle.backends.elf.elfcore
 .. automodule:: cle.backends.elf.metaelf
 .. automodule:: cle.backends.elf.symbol
 .. automodule:: cle.backends.elf.regions
 .. automodule:: cle.backends.elf.hashtable
+.. automodule:: cle.backends.pe
 .. automodule:: cle.backends.pe.pe
 .. automodule:: cle.backends.pe.symbol
 .. automodule:: cle.backends.pe.regions
+.. automodule:: cle.backends.macho
 .. automodule:: cle.backends.macho.macho
 .. automodule:: cle.backends.macho.symbol
 .. automodule:: cle.backends.macho.section
 .. automodule:: cle.backends.macho.segment
 .. automodule:: cle.backends.macho.binding
+.. automodule:: cle.backends.cgc
 .. automodule:: cle.backends.cgc.cgc
 .. automodule:: cle.backends.cgc.backedcgc
-.. automodule:: cle.backends.ihex
 .. automodule:: cle.backends.blob
+.. automodule:: cle.backends.ihex
 .. automodule:: cle.backends.idabin
 
 
@@ -50,8 +55,25 @@ Look at the existing versions for details.
 .. automodule:: cle.backends.relocation
 .. automodule:: cle.backends.elf.relocation
 .. automodule:: cle.backends.elf.relocation.elfreloc
+.. automodule:: cle.backends.elf.relocation.mips64
+.. automodule:: cle.backends.elf.relocation.generic
+.. automodule:: cle.backends.elf.relocation.armel
+.. automodule:: cle.backends.elf.relocation.ppc
+.. automodule:: cle.backends.elf.relocation.armhf
+.. automodule:: cle.backends.elf.relocation.pcc64
+.. automodule:: cle.backends.elf.relocation.i386
+.. automodule:: cle.backends.elf.relocation.amd64
+.. automodule:: cle.backends.elf.relocation.mips
+.. automodule:: cle.backends.elf.relocation.arm
+.. automodule:: cle.backends.elf.relocation.arm64
 .. automodule:: cle.backends.pe.relocation
 .. automodule:: cle.backends.pe.relocation.pereloc
+.. automodule:: cle.backends.pe.relocation.generic
+.. automodule:: cle.backends.pe.relocation.i386
+.. automodule:: cle.backends.pe.relocation.amd64
+.. automodule:: cle.backends.pe.relocation.mips
+.. automodule:: cle.backends.pe.relocation.arm
+.. automodule:: cle.backends.pe.relocation.riscv
 
 
 Thread-local storage
diff --git a/api-doc/source/pyvex.rst b/api-doc/source/pyvex.rst
index 3b5ad904..59050602 100644
--- a/api-doc/source/pyvex.rst
+++ b/api-doc/source/pyvex.rst
@@ -16,10 +16,22 @@ IR Components
 .. automodule:: pyvex.stmt
 .. automodule:: pyvex.expr
 .. automodule:: pyvex.const
+.. automodule:: pyvex.enums
 
+Lifting System
+--------------
 
-Misc. Things
-------------
+.. automodule:: pyvex.lift
+.. automodule:: pyvex.lift.libvex
+.. automodule:: pyvex.lift.fixes
+.. automodule:: pyvex.lift.util.irsb_postprocess
+.. automodule:: pyvex.lift.util.syntax_wrapper
+.. automodule:: pyvex.lift.util
+.. automodule:: pyvex.lift.util.vex_helper
+.. automodule:: pyvex.lift.util.lifter_helper
+.. automodule:: pyvex.lift.util.instr_helper
+
+Errors
+------
 
-.. automodule:: pyvex.enums
 .. automodule:: pyvex.errors
diff --git a/docs/loading.md b/docs/loading.md
index 2921e7a3..dfa7bf60 100644
--- a/docs/loading.md
+++ b/docs/loading.md
@@ -94,11 +94,11 @@ You can interact directly with these objects to extract metadata from them:
 <.text | offset 0x580, vaddr 0x400580, size 0x338>
 
 # Get the address of the PLT stub for a symbol
->>> addr = obj.plt['__libc_start_main']
+>>> addr = obj.plt['abort']
 >>> addr
 0x400540
 >>> obj.reverse_plt[addr]
-'__libc_start_main'
+'abort'
 
 # Show the prelinked base of the object and the location it was actually mapped into memory by CLE
 >>> obj.linked_base
diff --git a/examples/simple_heap_overflow/exploit b/examples/simple_heap_overflow/exploit
index 5d3ea28ef4833ff63be4bf8c5b75a42ec0774012..78d8f6262621a9de2159da26977d02ebc28f45d6 100644
GIT binary patch
delta 23
fcmdnPw1;VeEF<?sM%jth)=W}d6B~C=6yO8^Pr3$)

delta 16
YcmdnPw1;V8gY`sf>xouU6DO<z05#_Zf&c&j

diff --git a/examples/tumctf2016_zwiebel/solve.py b/examples/tumctf2016_zwiebel/solve.py
index 3eb52277..0909805a 100644
--- a/examples/tumctf2016_zwiebel/solve.py
+++ b/examples/tumctf2016_zwiebel/solve.py
@@ -29,12 +29,15 @@ def main():
 
     assert sm.deadended
     flag = sm.deadended[-1].posix.dumps(0).split("\n")[0]
-    print flag
+    return flag
 
     # import ipdb; ipdb.set_trace()
 
+def test():
+    assert main == 'hxp{1_h0p3_y0u_d1dnt_p33l_th3_0ni0n_by_h4nd}'
+
 if __name__ == "__main__":
-    main()
+    print main()
 
 """
 Here is the output (after 2 hours and 31 minutes on my machine running Pypy):
@@ -47,4 +50,3 @@ def main():
 hxp{1_h0p3_y0u_d1dnt_p33l_th3_0ni0n_by_h4nd}
 :)
 """
-
diff --git a/examples/unmapped_analysis/solve.py b/examples/unmapped_analysis/solve.py
index ba931362..2f964c8a 100755
--- a/examples/unmapped_analysis/solve.py
+++ b/examples/unmapped_analysis/solve.py
@@ -36,7 +36,7 @@ def main():
 	return keys
 
 def test():
-	keys = ['e6dba991c1745128787fbc7a9843306cb2bcc63e', '275edf0657388c3a1197cdadfad7b96da0f977a3'].sort()
+	keys = sorted(['e6dba991c1745128787fbc7a9843306cb2bcc63e', '275edf0657388c3a1197cdadfad7b96da0f977a3'])
 	assert main() == keys
 
 if __name__ == '__main__':
diff --git a/test.py b/test.py
index 513c6048..6091beb4 100644
--- a/test.py
+++ b/test.py
@@ -3,6 +3,7 @@
 import sys
 import itertools
 import traceback
+import subprocess
 
 from nose.plugins.attrib import attr
 
@@ -24,6 +25,7 @@ def _path(d):
 
 sys.path.append('.')
 def exampletest_single(example_dir):
+    init_pwd = os.getcwd()
     os.chdir(_path('examples/') + example_dir)
     print os.getcwd()
     try:
@@ -31,7 +33,7 @@ def exampletest_single(example_dir):
         s = reload(s)
         s.test()
     finally:
-        os.chdir('../..')
+        os.chdir(init_pwd)
 
 def doctest_single(md_file):
     claripy.ast.base.var_counter = itertools.count()
@@ -78,15 +80,19 @@ def test_docs():
     for md_file in md_files:
         yield doctest_single, md_file
 
+## BEGIN EXAMPLE TESTS
+#@attr(speed='slow')
 #def test_9447_nobranch(): exampletest_single('9447_nobranch')
 def test_0ctf_trace():  exampletest_single('0ctf_trace')
 def test_ais3_crackme(): exampletest_single('ais3_crackme')
-def test_asisctffinals2015_fake(): exampletest_single('asisctffinals2015_fake')
+#@attr(speed='slow')
+#def test_asisctffinals2015_fake(): exampletest_single('asisctffinals2015_fake')
 def test_asisctffinals2015_license(): exampletest_single('asisctffinals2015_license')
 def test_CADET_00001(): exampletest_single('CADET_00001')
 @attr(speed='slow')
 def test_cmu_binary_bomb(): exampletest_single('cmu_binary_bomb')
-#def test_csaw_wyvern(): exampletest_single('csaw_wyvern')
+@attr(speed='slow')
+def test_csaw_wyvern(): exampletest_single('csaw_wyvern')
 def test_defcamp_r100(): exampletest_single('defcamp_r100')
 #def test_defcamp_r200(): exampletest_single('defcamp_r200')
 def test_ekopartyctf2015_rev100(): exampletest_single('ekopartyctf2015_rev100')
@@ -95,61 +101,91 @@ def test_ekopartyctf2016_sokohashv2(): exampletest_single('ekopartyctf2016_sokoh
 def test_fauxware(): exampletest_single('fauxware')
 def test_flareon2015_10(): exampletest_single('flareon2015_10')
 def test_flareon2015_2(): exampletest_single('flareon2015_2')
+@attr(speed='slow')
 def test_flareon2015_5(): exampletest_single('flareon2015_5')
 def test_google2016_unbreakable_0(): exampletest_single('google2016_unbreakable_0')
 def test_google2016_unbreakable_1(): exampletest_single('google2016_unbreakable_1')
 def test_grub(): exampletest_single('grub')
-#def test_layer7_onlyone(): exampletest_single('layer7_onlyone')
+@attr(speed='slow')
+def test_layer7_onlyone(): exampletest_single('layer7_onlyone')
 def test_mma_howtouse(): exampletest_single('mma_howtouse')
-#def test_mma_simplehash(): exampletest_single('mma_simplehash')
+@attr(speed='slow')
+def test_mma_simplehash(): exampletest_single('mma_simplehash')
 def test_securityfest_fairlight(): exampletest_single('securityfest_fairlight')
 def test_strcpy_find(): exampletest_single('strcpy_find')
 def test_whitehat_crypto400(): exampletest_single('whitehat_crypto400')
 def test_whitehatvn2015_re400(): exampletest_single('whitehatvn2015_re400')
 def test_secconquals2016_ropsynth(): exampletest_single('secconquals2016_ropsynth')
-
-#def test_0ctf_momo_3(): exampletest_single('0ctf_momo_3')
-#def test_defcon2016quals_baby_re_0(): exampletest_single('defcon2016quals_baby-re_0')
+@attr(speed='slow')
+def test_0ctf_momo_3(): exampletest_single('0ctf_momo_3')
+def test_defcon2016quals_baby_re_0(): exampletest_single('defcon2016quals_baby-re_0')
 def test_defcon2016quals_baby_re_1(): exampletest_single('defcon2016quals_baby-re_1')
 def test_sharif7_rev50(): exampletest_single(os.path.join('sharif7', 'rev50'))
 def test_simple_heap_overflow(): exampletest_single('simple_heap_overflow')
+def test_csci_0a(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x00a')
+def test_csci_1(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x01')
+def test_csci_2(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x02')
+def test_csci_3(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x03')
+def test_csci_4(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x04')
+def test_csci_5(): exampletest_single('CSCI-4968-MBE/challenges/crackme0x05')
+def test_insomnihack_aeg(): exampletest_single('insomnihack_aeg')
+def test_android_license(): exampletest_single('android_arm_license_validation')
+def test_sym_write(): exampletest_single('sym-write')
+@attr(speed='slow')
+def test_angry_reverser(): exampletest_single('hackcon2016_angry-reverser')
+def test_sharif7(): exampletest_single('sharif7_rev50')
+def test_angrybird(): exampletest_single('codegate_2017-angrybird')
+@attr(speed='slow')
+def test_mbrainfuzz(): exampletest_single('secuinside2016mbrainfuzz')
+def test_unmapped_analysis(): exampletest_single('unmapped_analysis')
+@attr(speed='slow')
+def test_zwiebel(): exampletest_single('tumctf2016_zwiebel')
+## END EXAMPLE TESTS
+
+def test_example_inclusion():
+    to_test = subprocess.check_output(['/bin/bash', '-c', 'for c in $(find -name solve.py | cut -c 3-); do echo ${c%/solve.py}; done'], cwd=os.path.join(os.path.dirname(__file__), 'examples'))
+    with open(__file__) as fp:
+        test_source = fp.read()
+    example_tests = test_source[test_source.find('## BEGIN EXAMPLE TESTS'):test_source.find('## END EXAMPLE TESTS')]
+
+    missing = []
+    for line in to_test.strip().split('\n'):
+        if ("exampletest_single('%s')" % line) not in example_tests:
+            missing.append(line)
+    if missing:
+        raise Exception("The following examples are not represented in the test corpus:\n" + '\n'.join(missing))
+
+def test_api_coverage():
+    missing = []
+    exclude = ['angr.tablespecs', 'angr.service', 'pyvex.vex_ffi']
+    exclude_prefix = ['angr.procedures', 'angr.analyses.identifier', 'angr.misc', 'angr.surveyors', 'angr.engines.vex', 'claripy.utils']
+    for module in ['angr', 'claripy', 'cle', 'pyvex', 'archinfo']:
+        docs_file = 'api-doc/source/%s.rst' % module
+        module_dir = '../%s/%s' % (module, module)
+        module_list = subprocess.check_output('find -name \'*.py\'', cwd=module_dir, shell=True).split()
+        api_list = [x.split()[-1] for x in open(docs_file).readlines() if 'automodule' in x]
+        for partial in module_list:
+            full = module + '.' + partial[2:-3].replace('/', '.')
+            if full.endswith('.__init__'):
+                full = full[:-9]
+
+            if full not in api_list and full not in exclude:
+                for ep in exclude_prefix:
+                    if full.startswith(ep):
+                        break
+                else:
+                    missing.append(full)
+
+    if missing:
+        raise Exception("The following modules are not represnted in the api docs:\n" + '\n'.join(missing))
 
 if __name__ == '__main__':
+    test_example_inclusion()
+    test_api_coverage()
+
     for tester, arg in test_docs():
         tester(arg)
 
-    init_pwd = os.getcwd()
-    exampletest_single('0ctf_trace')
-    exampletest_single('ais3_crackme')
-    exampletest_single('asisctffinals2015_fake')
-    exampletest_single('asisctffinals2015_license')
-    exampletest_single('CADET_00001')
-    exampletest_single('cmu_binary_bomb')
-    exampletest_single('codegate_2017-angrybird')
-    exampletest_single('csaw_wyvern')
-    csci = os.path.join('CSCI-4968-MBE', 'challenges')
-    for crackme in os.listdir('examples/CSCI-4968-MBE/challenges'):
-        exampletest_single(os.path.join(csci, crackme))
-        os.chdir(init_pwd)
-    exampletest_single('defcamp_r100')
-    exampletest_single('defcon2016quals_baby-re_1')
-    exampletest_single('ekopartyctf2015_rev100')
-    exampletest_single('ekopartyctf2016_rev250')
-  # exampletest_single('ekopartyctf2016_sokohashv2')
-    exampletest_single('fauxware')
-  # exampletest_single('flareon2015_10')
-    exampletest_single('flareon2015_2')
-  # exampletest_single('flareon2015_5')
-    exampletest_single('google2016_unbreakable_0')
-    exampletest_single('google2016_unbreakable_1')
-    exampletest_single('grub')
-  # exampletest_single('mma_howtouse')
-    exampletest_single('secuinside2016mbrainfuzz')
-    exampletest_single('securityfest_fairlight')
-    exampletest_single('sharif7/rev50')
-    os.chdir(init_pwd)
-  # exampletest_single('simple_heap_overflow')
-    exampletest_single('strcpy_find')
-    exampletest_single('sym-write')
-    exampletest_single('whitehat_crypto400')
-  # exampletest_single('whitehatvn2015_re400')
+    for fname, func in globals().items():
+        if callable(func) and fname.startswith('test_') and fname not in ['test_example_inclusion', 'test_api_coverage', 'test_docs']:
+            func()